Tutur Gayo

Security checks across malware telemetry and agentic risk

Overview

This is a text-only Bahasa Gayo writing and review skill with cautious source guidance and no executable code, credentials, persistence, or privileged access.

Safe to install for cautious Bahasa Gayo drafting or review. Use it when you intentionally want Bahasa Gayo or Gayo regional adaptation, and get a competent speaker or official review for legal, ritual, public, educational, or dialect-sensitive text.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Natural-Language Policy Violations

Medium

Confidence: 95% confidence
Finding: The default prompt hard-codes use of Bahasa Gayo for adaptation, which can steer the agent into a specific locale/language without explicit user opt-in. While this is aligned with the skill’s stated purpose and not obviously malicious, it can still cause unwanted localization, miscommunication, or inappropriate language selection when invoked in broader contexts.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal